SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK)
Medium Nessus Plugin ID 81606
Synopsis
The remote host supports a set of weak ciphers.
Description
The remote host supports EXPORT_RSA cipher suites with keys less than or equal to 512 bits. An attacker can factor a 512-bit RSA modulus in a short amount of time.
A man-in-the-middle attacker may be able to downgrade the session to use EXPORT_RSA cipher suites (e.g. CVE-2015-0204). Thus, it is recommended to remove support for weak cipher suites.
Solution
Reconfigure the service to remove support for EXPORT_RSA cipher suites.